search

aido / app-seed-tool

A Ledger application that provides some useful seed management utilities
Apache License 2.0
42 stars 2 forks source link

Check SSKR recovery phrase -> "recovery phrase invalid" #21

Closed InfiniteQE closed 8 months ago

InfiniteQE commented 8 months ago

I have just started relooking at this for the first time in 2-3 months

I downloaded and extracted your latest compiled release compiled_app_binaries.v1_5_4

Then loaded them on a Ledger Nano S Plus (SE 1.1.0, MC 4.03, BL 3.12)

python -m ledgerblue.loadApp --appFlags 0x10 --tlv --targetId 0x33100004 --targetVersion="" --apiLevel 1 --delete --fileName nanos2/bin/app.hex --appName "Seed Tool" --appVersion "1.5.4" --dataSize $((0x`cat debug/app.map |grep _envram_data | tr -s ' ' | cut -f2 -d' '|cut -f2 -d'x'` - 0x`cat debug/app.map |grep _nvram_data | tr -s ' ' | cut -f2 -d' '|cut -f2 -d'x'`)) --icon 0100000000ffffff00ffffffffffffffc3f1c1c3c083e107fb0fff3ffe7ffe7ffe7ffe7ffeffffffff  --curve secp256k1 --path ""

From my previous example : 

seedtool --in bip39 all all all all all all all all all all all all --out hex
seedtool --in hex --out sskr --group 2-of-3 0660cc198330660cc198330660cc1983

tuna acid epic gyro fair chef able acid able very flap jazz fizz judo omit dull drop inch body join zinc luck crux pool puff jugs cola meow yoga

tuna acid epic gyro fair chef able acid acid ugly what flux days very urge memo news fact jowl hope luck jump urge beta veto gush days judo each

tuna acid epic gyro fair chef able acid also mild exit easy luck gala hawk girl gush ugly wave axis cost jade slot yank bulb zero knob next liar

The menu option Check SSKR appears to be broken, I entered into Seed Tool shares 1+2, and tried again shares 2+3 - each time Seed Tool reports "recovery phrase invalid"

Incidentally, this was with the Ledger Nano S Plus already initialised with all all all all all all all all all all all all

aido commented 8 months ago

Hi, @InfiniteQE,

This is strange behaviour. Ledger have function tested the app on a physical Nano S Plus and all seemed fine. Ledger were using the BIP39 phrase trade trade trade trade trade trade trade trade trade trade trade trade trade trade trade trade trade trade trade trade trade trade trade trade for one of their tests.

Can you install Ledger's Recovery Check app on your device and ensure that the BIP39 phrase of the device is what you think it is?

InfiniteQE commented 8 months ago

I have reset and restored my Nano S Plus with the seed beef beef beef beef beef beef beef beef beef beef beef beef

Loaded compiled_app_binaries.v1_5_4 for Nanos2 (I used a slightly modified command line string, python3 in case it made a difference, and changed the icon/size part of the string)

python3 -m ledgerblue.loadApp --appFlags 0x10 --tlv --targetId 0x33100004 --targetVersion="" --apiLevel 1 --delete --fileName nanos2/bin/app.hex --appName "Seed Tool" --appVersion "1.5.4" --dataSize 0 --icon 0100000000ffffff00ffffffffffffffc3f1c1c3c083e107fb0fff3ffe7ffe7ffe7ffe7ffeffffffff --curve secp256k1 --path ""

Using my MacOS Seedtool-cli example from issue #23 

seedtool --in bip39 "beef beef beef beef beef beef beef beef beef beef beef beef"
140280500a0140280500a0140280500a

seedtool --in hex --out sskr --group 2-of-3 140280500a0140280500a0140280500a
tuna acid epic gyro solo idle able acid able ugly buzz join love peck oval leaf lion inky brew many tent yell idle fern taco solo luck half zoom
tuna acid epic gyro solo idle able acid acid plus navy many game limp unit kick acid pool wasp mint knob drum kiln fizz kiwi part knob note yurt
tuna acid epic gyro solo idle able acid also epic blue purr body work good jowl menu wave yawn ruby meow holy hard sets quad menu next peck oboe

seedtool --in sskr                                                          
tuna acid epic gyro solo idle able acid able ugly buzz join love peck oval leaf lion inky brew many tent yell idle fern taco solo luck half zoom
tuna acid epic gyro solo idle able acid acid plus navy many game limp unit kick acid pool wasp mint knob drum kiln fizz kiwi part knob note yurt
^D
140280500a0140280500a0140280500a

seedtool --in sskr
tuna acid epic gyro solo idle able acid acid plus navy many game limp unit kick acid pool wasp mint knob drum kiln fizz kiwi part knob note yurt
tuna acid epic gyro solo idle able acid also epic blue purr body work good jowl menu wave yawn ruby meow holy hard sets quad menu next peck oboe
^D
140280500a0140280500a0140280500a

I have run Seed Tool on my Ledger Nano S Plus > Check SSKR recovery phrase > Enter shards 1 and 2 from the MacOS Seedtool-cli > "Recovery phrase invalid"

aido commented 8 months ago

Hi @InfiniteQE

The "Recovery phrase invalid" message is being given because the checksum of these valid SSKR shares is being checked by a buggy cx_crc32_hw() function. This is the same root cause as #23 so I will mark this issue as a duplicate.

aido commented 8 months ago

Issue fixed in 9a3041ba6e96c7858fdaafb35761efb8715e9250